头盔詹金斯的备份作业无故失败

Question

我正在使用詹金斯的官方helm图表。

我已启用备份，还提供了备份凭据

这是values.yaml

中的相关配置

## Backup cronjob configuration
## Ref: https://github.com/maorfr/kube-tasks
backup:
  # Backup must use RBAC
  # So by enabling backup you are enabling RBAC specific for backup
  enabled: true
  # Used for label app.kubernetes.io/component
  componentName: "jenkins-backup"
  # Schedule to run jobs. Must be in cron time format
  # Ref: https://crontab.guru/
  schedule: "0 2 * * *"
  labels: {}
  annotations: {}
    # Example for authorization to AWS S3 using kube2iam
    # Can also be done using environment variables
    # iam.amazonaws.com/role: "jenkins"
  image:
    repository: "maorfr/kube-tasks"
    tag: "0.2.0"
  # Additional arguments for kube-tasks
  # Ref: https://github.com/maorfr/kube-tasks#simple-backup
  extraArgs: []
  # Add existingSecret for AWS credentials
  existingSecret: {}
    # gcpcredentials: "credentials.json"
  ## Example for using an existing secret
   # jenkinsaws:
  ## Use this key for AWS access key ID
  awsaccesskey: "AAAAJJJJDDDDDDJJJJJ"
  ## Use this key for AWS secret access key
  awssecretkey: "frkmfrkmrlkmfrkmflkmlm"
  # Add additional environment variables
   # jenkinsgcp:
  ## Use this key for GCP credentials
  env: []
  # Example environment variable required for AWS credentials chain
  # - name: "AWS_REGION"
  #   value: "us-east-1"
  resources:
    requests:
      memory: 1Gi
      cpu: 1
    limits:
      memory: 1Gi
      cpu: 1
  # Destination to store the backup artifacts
  # Supported cloud storage services: AWS S3, Minio S3, Azure Blob Storage, Google Cloud Storage
  # Additional support can added. Visit this repository for details
  # Ref: https://github.com/maorfr/skbn
  destination: "s3://jenkins-data/backup"

但是备份作业失败，如下所示：

2020/01/22 20:19:23 Backup started!
2020/01/22 20:19:23 Getting clients
2020/01/22 20:19:26 NoCredentialProviders: no valid providers in chain. Deprecated.
    For verbose messaging see aws.Config.CredentialsChainVerboseErrors

缺少什么？

Answer 1

您必须创建如下所示的机密：

kubectl create secret generic jenkinsaws --from-literal=jenkins_aws_access_key=ACCESS_KEY --from-literal=jenkins_aws_secret_key=SECRET_KEY

然后像这样消耗它：

existingSecret：

jenkinsaws: 
  awsaccesskey: jenkins_aws_access_key
  awssecretkey: jenkins_aws_secret_key

其中jenkins_aws_access_key / jenkins_aws_secret_key是秘密的钥匙